Detik News- Exploit DB
- [webapps] Simple Student Information System 1.0 - SQL Injection (Authentication Bypass) April 13, 2021Simple Student Information System 1.0 - SQL Injection (Authentication Bypass)
- [webapps] Blitar Tourism 1.0 - Authentication Bypass SQLi April 13, 2021Blitar Tourism 1.0 - Authentication Bypass SQLi
- [webapps] ExpressVPN VPN Router 1.0 - Router Login Panel's Integer Overflow April 13, 2021ExpressVPN VPN Router 1.0 - Router Login Panel's Integer Overflow
- [remote] vsftpd 2.3.4 - Backdoor Command Execution April 12, 2021vsftpd 2.3.4 - Backdoor Command Execution
- [webapps] PrestaShop 1.7.6.7 - 'location' Blind Sql Injection April 9, 2021PrestaShop 1.7.6.7 - 'location' Blind Sql Injection
- [webapps] CMSimple 5.2 - 'External' Stored XSS April 8, 2021CMSimple 5.2 - 'External' Stored XSS
- [webapps] DMA Radius Manager 4.4.0 - Cross-Site Request Forgery (CSRF) April 8, 2021DMA Radius Manager 4.4.0 - Cross-Site Request Forgery (CSRF)
- [webapps] Composr 10.0.36 - Remote Code Execution April 8, 2021Composr 10.0.36 - Remote Code Execution
- [remote] Linux Kernel 5.4 - 'BleedingTooth' Bluetooth Zero-Click Remote Code Execution April 8, 2021Linux Kernel 5.4 - 'BleedingTooth' Bluetooth Zero-Click Remote Code Execution
- [webapps] Atlassian Jira Service Desk 4.9.1 - Unrestricted File Upload to XSS April 7, 2021Atlassian Jira Service Desk 4.9.1 - Unrestricted File Upload to XSS
- [webapps] Composr CMS 10.0.36 - Cross Site Scripting April 7, 2021Composr CMS 10.0.36 - Cross Site Scripting
- [webapps] Dell OpenManage Server Administrator 9.4.0.0 - Arbitrary File Read April 7, 2021Dell OpenManage Server Administrator 9.4.0.0 - Arbitrary File Read
- [webapps] Mini Mouse 9.3.0 - Local File inclusion / Path Traversal April 6, 2021Mini Mouse 9.3.0 - Local File inclusion / Path Traversal
- [remote] Google Chrome 81.0.4044 V8 - Remote Code Execution April 6, 2021Google Chrome 81.0.4044 V8 - Remote Code Execution
- [remote] Google Chrome 86.0.4240 V8 - Remote Code Execution April 6, 2021Google Chrome 86.0.4240 V8 - Remote Code Execution
- [webapps] Simple Student Information System 1.0 - SQL Injection (Authentication Bypass) April 13, 2021
Category Archives: Security
Menonaktifkan Open DNS Server BIND
Beberapa waktu lalu, tim abuse dari salah satu penyedia VPS (Virtual Private Server) yang saya gunakan meneruskan email komplain ke saya terkait dengan digunakannya server VPS saya sebagai reflektor serangan DDoS ke server di Eropa. Setelah saya cek, ternyata ada … Continue reading
Posted in IT, Security, Tips and Tricks
Leave a comment
[Update] WordPress 0day XSS Vulnerability
Buat teman-teman yang mempunyai website/blog menggunakan wordpress, diharapkan segera melakukan update ke wordpress terbaru 4.2.1 berhubung adanya vulnerability 0day XSS dimana penyerang bisa membuat komentar di post/page manapun dan menyisipkan script XSS yang bisa mendapatkan/eksekusi perintah di server. Referensi bisa … Continue reading
Cpanel Down
Siang ini saya coba mengakses cpanel.net dan sepertinya database sedang mengalami masalah. Bisa dibayangkan kalau corporate sebesar Cpanel masih mengalami masalah classic seperti ini. Bagaimana kesiapan Anda dalam hal menangani bisnis Anda yang berhubungan dengan koneksi ke pusat data mengalami … Continue reading
Posted in IT, Security
Leave a comment
Hati-hati pencurian password email
yahoo scam, stolen password yahoo Continue reading
Posted in IT, Security, Tips and Tricks
Leave a comment
Forecast vulnerability Pligg CMS
Saya cukup kaget melihat ada forecast vulnerability di situs securityfocus.com. Bisa dilihat di screenshoot disamping atau coba klik http://www.securityfocus.com/bid/51273. Aneh tapi cukup nyata.
Posted in IT, Security
Leave a comment